<?php
/**
 * Paypal IPN Class (Testing Only)
 *
 * @author		JREAM
 * @link		http://jream.com
 * @copyright		2011 Jesse Boyer (contact@jream.com)
 * @license		GNU General Public License 3 (http://www.gnu.org/licenses/)
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details:
 * http://www.gnu.org/licenses/
 */
 include("invoice.php");
class Paypal_IPN
{
	/** @var string $_url The paypal url to go to through cURL
	private $_url;

	/**
	* @param string $mode 'live' or 'sandbox' 
	*/
	
	public function __construct($mode = 'sandbox')
	{
		if ($mode == 'live')
		$this->_url = 'https://www.paypal.com/cgi-bin/webscr';
		
		else
		$this->_url = 'https://www.sandbox.paypal.com/cgi-bin/webscr';
	}
	public function insert($txn_id,$user_id,$item_id,$item_name,$quantity,$per_item_total,$fname,$lname,$email,$purchase_date,$payment_type){
	
		$sql = "INSERT INTO tblpayment(txn_id,user_id,item_id,item_name,quantity,per_item_total,fname,lname,email,purchase_date,payment_type)
				VALUES('".$txn_id."','".$user_id."','".$item_id."','".$item_name."','".$quantity." ','".$per_item_total."','".$fname."','".$lname."','".$email."','".$purchase_date."','".$payment_type."')";
		mysql_query($sql);
		
	
	}
	public function get_price($pid){
		$result=mysql_query("select price from tblswaping where id=$pid") or die("select name from tblswaping where id=$pid"."<br/><br/>".mysql_error());
		$price=mysql_fetch_array($result);
		return $price['price'];
	}
	public function get_current_qty($pid){
		$result=mysql_query("select quantity from tblswaping where id=$pid") or die("select name from tblswaping where id=$pid"."<br/><br/>".mysql_error());
		$qty=mysql_fetch_array($result);
		return $qty['quantity'];
	}
	public function update_qty($pid,$qty_new){
		$query  = mysql_query("update tblswaping set quantity='$qty_new' where id='$pid' ") or die(mysql_error());
	}
	
	
	
	public function run()
	{
		$postFields = 'cmd=_notify-validate';
		
		foreach($_POST as $key => $value)
		{
			$postFields .= "&$key=".urlencode($value);
		}
	
		$ch = curl_init();

		curl_setopt_array($ch, array(
			CURLOPT_URL => $this->_url,
			CURLOPT_RETURNTRANSFER => true,
			CURLOPT_SSL_VERIFYPEER => false,
			CURLOPT_POST => true,
			CURLOPT_POSTFIELDS => $postFields
		));
		
		$result = curl_exec($ch);
		curl_close($ch);
		
		
		
		if($result == 'VERIFIED'){
			
			include("../db_connect.php");
			$num_cart_items = $_POST['num_cart_items'];
			$payment_gross = $_POST['payment_gross'];
			for($i=1; $i<=$num_cart_items; $i++ ){
			$txn_id = $_POST['txn_id'];
			$user_id = $_POST['custom'];
			$fname = $_POST['first_name'];	
			$lname = $_POST['last_name'];
			$email = $_POST['payer_email'];
			$delivered = 'no';
			$purchase_date = date("M-j-Y / h:i A");
				
			//this must be in order or you will not save this to the database
			$item_name = $_POST['item_name'.$i.''];	
			$item_id = $_POST['item_number'.$i.'']; //id of the purchase item
			
						
			$price	= $this->get_price($item_id); // get first the price
			$qty = $_POST['quantity'.$i.'']; // get the quantity from paypal
			//for the stock variant report
			$per_item_total = $qty * $price; // get the total 
			$qty_stock = $this->get_current_qty($item_id);
			$qty_new = intval($qty_stock) - intval($qty);
			//update the qty
				
			$sql = "INSERT INTO tblpayment(txn_id,user_id,fname,lname,item_name,item_id,qty,qty_stock,qty_new,per_item_total,email,purchase_date,delivered)values
			('".$txn_id."','".$user_id."','".$fname."', '".$lname."','".$item_name."','".$item_id."','".$qty."','".intval($qty_stock)."','".intval($qty_new)."', '".$per_item_total."','".$email."','".$purchase_date."','".$delivered."')";	
			mysql_query($sql);
			$this->update_qty($item_id,$qty_new);
			}
		$invoice = new Sendpdf();
		$invoice->run($txn_id,$payment_gross);
			
					
		}
		else{
		
		}
		
		$fh = fopen('result.txt', 'w');
		fwrite($fh, $result . ' -- ' . $postFields);
		fclose($fh);
		
		echo $sql;
	}
}